Information Technology News

The latest news from the Office of Information Technology

You are here: Home / Archives for Voice and Data Services / Network Security

Network Security

Linux Security Talk

by

On September 9th, over 40 users and supporters of the Linux operating system attended a 2 hour talk by NACS’ Ted Gielow concerning security issues. Linux has been growing in popularity as an inexpensive and effective variety of the UNIX operating system, as it accommodates both computational and e-mail/Web server uses. Linux systems are very powerful and easy to setup, but are vulnerable to attack if not setup and maintained properly. Break-ins jeopardize computer availability, as well as valuable data and other academic pursuits. Since systems are connected to the campus network, they can be used to disrupt departmental or network communications and are thus a campus-wide concern.

Ted, who is a member of NACS’ Computing/Network Security Team, gave helpful hints on permission settings and on commands to determine what is running, who is connected, and more. He dispelled myths about hackers, discussed how to reduce exposure to network break-ins, talked about security software, and made suggestions for system administration and backups.

See the following document for information on making a UNIX system more secure:

http://www.nacs.uci.edu/support/dcs/security/hardening.html

Keeping a system secure is an ongoing effort — if you are interested in someone else doing it for you, NACS’ Distributed Computing Support (DCS) group provides support services for Red Hat Linux and other UNIX variants. See the following for information on DCS services:

http://www.nacs.uci.edu/support/sysadmin/sysadmin.html

Please contact us at our NACS@UCI.EDU e-mail address to express interest in future seminars, or if you have any Linux or system security concerns.

EA System Spring Quarter Hacker Attack

by

In a past edition of NACS-News, information was shared about the increasing frequency of computer system break-ins and related activities across the Internet. Several other attacks have been fought off by UCI computer supporters since that article was written. One major incident involved NACS’ student computing cluster, EA. In late May, an intruder used a flaw in Sun’s UNIX operating system (now fixed) to gain privileged access to the EA system. He ran a network “packet sniffer” for about 24 hours, which enabled him to collect passwords for about 1300 EA users. As a result, NACS was forced to have each of those 1300 people change his or her password, which was a major inconvenience for all.

NACS continues to investigate ways to reduce the impact of visits by these unwelcome intruders. Substantial staff time is already put into monitoring security alerts and installing patches to correct operating system security problems as they are discovered. NACS has obtained a bulk software license for a secure-Telnet product for Macs and PCs. Using secure-Telnet to connect to remote hosts protects user data and passwords from being sniffed by intruders who gain illegal access to systems connected to the network.

Hackers, Network Attacks, and You

by

NACS would like the campus community to be aware that there are increasing numbers of people who use their Internet access to attempt to compromise security on computers connected to the network. Their intentions are more often to “have some fun” rather than to steal anything. Simply gaining access, causing pointless network traffic, and the like, is sport for them. This means you need not have something “important” on your system for it to be a target. If hackers come, they will be disruptive — perhaps just in terms of the target system itself, but more likely in terms of the network as a whole.

LINUX, like other powerful, multi-user operating systems, is a frequent target among hackers. Last summer we had at least 10 Linux systems broken into. The hackers caused downtime, started “ping bombs” on local UCI networks that caused significant network slowing, forced users to re-install operating system software, and forced NACS to disconnect parts of the network at times to prevent greater outages/security-issues.

System Owner Responsibilities

Hackers will not stop at UNIX-based systems like Linux; Windows NT and other systems are also at risk. If you are the owner of a NT, Linux, UNIX, or other multi-user system, you should be aware of the possibility of network attacks. To reduce the likelihood of attacks, someone must follow security alerts and install patches on your computers as necessary. Further, your systems should be regularly inspected for signs of a break-in. If you need help, contact your local computing supporter or NACS for advice.

NACS Actions to Protect the Network

To maintain the integrity of the network, NACS must occasionally disconnect systems that have been violated. Every attempt is made to contact local supporters and/or system owners before taking such a step. Please take appropriate steps to make your systems secure to avoid losing network connectivity and to keep the campus network secure overall.

NACS also has a “firewall” router in place that controls flow of all traffic between UCI and the rest of the Internet. The firewall is occasionally used to disallow access from certain hosts or parts of the Internet that are the source of network problems or hacker attacks. Such access restrictions are announced to the Network Operations Mailing list, UCINET-OPS-NET@UCI.EDU, and are removed as soon as the appropriate authority can be notified and correct the situation. The firewall allows NACS to keep UCInet up and running despite the anti-social activities of a few.

NACS Security Team

NACS has recently created a team of NACS and other staff to review campus network and computer security, make recommendations on how to improve it, and act as a coordination device when network attacks occur. If you have questions, concerns or other input about network security, please contact NACS.

Access to UCI-Only Web Sites From Commercial ISPs

by

Note: The Web Proxy Gateway was replaced with the WebVPN

NACS is pleased to announce the UCI Web Proxy Gateway. The Gateway allows UCI faculty, students and staff with active UCInetIDs to access UCI-restricted Internet WWW resources from non-UCI network locations. This means UCI community members who use commercial Internet Service Providers (ISPs) such as Pacific Bell Internet or America OnLine (AOL) can now access key Web resources from off-campus.

In partnership with NACS, the UCI Libraries are providing UCI Web Proxy Gateway access from the UCI Libraries Homepage to key, previously restricted, research resources. These include: MELVYL‘s Medline, Current Contents, and INSPEC databases;Britannica Online; as well as many electronic, full-text journals available from publishers such as Johns Hopkins’ Project Museand the Institute of Physics. Additional resources will be added as they are acquired by the Libraries.

The UCI Libraries Homepage, including the complete list of electronic resources currently available, may be found at:http://www.lib.uci.edu/ The UCI Web Proxy Gateway, including detailed documentation, may be found at: http://gateway.uci.edu/

Please send questions and comments about the gateway to NACS@UCI.EDU.

Questions about Library resources may be sent to LIBRARIES@UCI.EDU.